New Year's Resolution: Full Disk Encryption on Every Computer You Own

New Year's Resolution: Full Disk Encryption on Every Computer You Own

The New Year is upon us, and you might be partaking in the tradition of making a resolution for the coming year. This year, why not make a resolution to protect your data privacy with one of the most powerful tools available? Commit to full disk encryption on each of your computers.

Many of us now have private information on our computers: personal records, business data, e-mails, web history, or information we have about our friends, family, or colleagues. Encryption is a great way to ensure that your data will remain safe when you travel or if your laptop is lost or stolen. Best of all, it's free. So don't put off taking security steps that can help protect your private data. Join EFF in resolving to encrypt your disks 2012.

Here's some basic info about full disk encryption. You can read this and much more (including information on password security) in our recent whitepaper on protecting privacy at the border.

Full disk encryption uses mathematical techniques to scramble data so it is unintelligible without the right key. This mathematical protection works independently of the policies configured in the operating system software. A different operating system or computer cannot just decide to allow access, because no computer or software can make any sense of the data without access to the right key.

Without encryption, forensic software can easily be used to bypass an account password and read all the files on your computer.

Fortunately, modern computer systems come with comparatively easy full-disk encryption tools that let you encrypt the contents of your hard drive with a passphrase that will be required when you start your computer. Using these tools is the most fundamental security precaution for computer users who have confidential information on their hard drives and are concerned about losing control over their computers — not just at a border crossing, but at any moment during a trip when a computer could be lost or stolen.

Choosing a Disk Encryption Tool

Choosing encryption tools is sometimes challenging because there are so many options available. For the best security, choose a full-disk encryption tool that encrypts everything on your computer rather than a file-encryption tool that encrypts individual files separately. This may need to be set up at the time your operating system is first installed. Every major operating system now comes with encryption options.

Microsoft BitLocker in its most secure mode is the gold standard because it protects against more attack modes than other software. Unfortunately, Microsoft has only made it available with certain versions of Microsoft Windows.

Mac OS X and most Linux distributions have their own full-disk encryption software built in.

For more detailed information about the advantages and disadvantages of various tools, check out this Wikipedia article comparing full-disk encryption software.

Make a Strong Passphrase and Don't Lose It

Full-disk encryption is most effective if you make a strong passphrase using a technique like Diceware. This or other modern passphrase-making techniques can produce a strong but memorable passphrase.

Remember that access to your data is dependent on having access to your passphrase. By design, if you lose it, your computer and data will be completely unusable. So, make sure your passphrase won't be lost! For many people, this could involve writing it down and keeping a copy someplace different from where you keep your computer. (You can combine your encryption resolution with a resolution to make regular backups, if you're not already doing so. And you can also choose to encrypt your backups.)

Full disk encryption is one of the most important steps you can take to protect the privacy of your data. If you haven't done it yet, resolve to encrypt in 2012.

Related Updates

The full weight of U.S. policing has descended upon protesters across the country as people take to the streets to denounce the police killings of Breonna Taylor, George Floyd, and countless others who have been subjected to police violence. Along with riot shields, tear gas, and other crowd control...

Your phone is your life. It’s where you communicate, get your news, take pictures and videos of your loved ones, relax and play games, and find a significant other. It can track your health, give you directions, remind you of events, and much more. It’s an incredibly helpful tool, but...

EFF has joined a broad coalition of civil liberties, civil rights, and labor advocates to oppose A.B. 2261, which threatens to normalize the increased use of face surveillance of Californians where they live and work. Our allies include the ACLU of California, Oakland Privacy, the California Employment Lawyers Association, Service...

In the wake of nationwide protests against the police killings of George Floyd and Breonna Taylor, we urge protestors to stay safe, both physically and digitally. Our Surveillance Self Defense (SSD) Guide on attending a protest offers practical tips on how to maintain your privacy and minimize your digital...

With states beginning to ease shelter-in-place restrictions, the conversation on COVID-19 has turned to questions of when and how we can return to work, take kids to school, or plan air travel.Several countries and U.S. states, including the UK, Italy, Chile, Germany, and California, have expressed interest in...

When it comes to surveillance of our online lives, Internet service providers (ISPs) are some of the worst offenders. Last year, the state of Maine passed a law targeted at the harms ISPs do to their customers when they use and sell their personal information. Now that law is...

COVID-19, and containment efforts that rely on personal data, are shining a spotlight on a longstanding problem: our nation’s lack of sufficient laws to protect data privacy. Two bills before Congress attempt to solve this problem as to COVID-19 data. One is a good start that needs improvements. The other...

In a landmark decision, the German Constitutional Court has ruled that mass surveillance of telecommunications outside of Germany conducted on foreign nationals is unconstitutional. Thanks to the chief legal counsel, Gesellschaft für Freiheitsrechte (GFF), this a major victory for global civil liberties, but especially those that live and...